2. Cyber-physical Adversarial Attacks and Countermeasures for Deep Learning Vision Systems on Critical Infrastructures

By Efi Kafali, Visual Computing Lab, Information Technologies Institute, Center for Research and Technology Hellas | Kassiani Zafirouli, Visual Computing Lab, Information Technologies Institute, Center for Research and Technology Hellas | Konstantinos Karageorgos, Visual Computing Lab, Information Technologies Institute, Center for Research and Technology Hellas | Theodoros Semertzidis, Visual Computing Lab, Information Technologies Institute, Center for Research and Technology Hellas | Petros Daras, Visual Computing Lab, Information Technologies Institute, Center for Research and Technology Hellas

Published: 15 Sep 2021

© 2021 Efi Kafali | Kassiani Zafirouli | Konstantinos Karageorgos | Theodoros Semertzidis | Petros Daras

Abstract

Advanced smart equipment and intelligent deep learning systems are nowadays used with great success in numerous applications, and they have also been introduced into the operational environments of critical infrastructures. Deep learning (DL) models significantly outperform most of the “old school” machine learning methods or automate activities that until now relied on humans. DL-based computer vision systems are among the most popular ones for industrial applications that range from the actual security and surveillance of the site to the operation of workshops, such as robot-assisted assemblies or vision-based quality control. However, DL models that are not designed properly may be vulnerable to cyber or physical attacks that are difficult to detect or mitigate. These so-called adversarial attacks and their countermeasures are now a novel research field that needs consideration by all DL-based systems, and especially by those used in critical infrastructures. This book chapter focuses on the presentation and analysis of deep learning-based computer vision models, their possible adversarial attacks and countermeasures.